GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:LIetf Generic Routing Encapsulation
APPIetfwszystkie wersjeIetf Generic Routing Encapsulation6
APPIetfwszystkie wersje
Powiązane podatności
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attac...
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can ...
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (Th...
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh...
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (...